我正在生成XML Xades簽名。我需要在TAG簽名中添加名稱空間http://uri.etsi.org/01903/v1.3.2#。添加名稱空間時無效的XML簽名
如果我在簽署文檔後添加此TAG,我會得到無效的簽名錯誤。
我不知道該如何前加入,因爲我只有標記簽名後signing.'
這是添加命名空間
void addNamespace(doc)
{
NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
Node a = nl.item(0);
Element sig = (Element)a;
sig.setAttributeNS("http://www.w3.org/2000/xmlns/","xmlns:etsi","http://uri.etsi.org/01903/v1.3.2#");
}
的代碼簽名代碼:
signContext = new DOMSignContext(pk, parentElement);
signContext.putNamespacePrefix("http://uri.etsi.org/01903/v1.3.2#","etsi");
XMLSignature signature;
signature.sign(signContext);
addNamespace(doc);
的XML:
<note>
<to>Tove</to>
<from>Jani</from>
<heading>Reminder</heading>
<body>Don't forget me this weekend!</body>
個
< DS:簽名的xmlns:DS = 「http://www.w3.org/2000/09/xmldsig#」 ID = 「簽名-830342」>
<ds:SignedInfo Id="SignedInfo-830342">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>tKDaVHCywRrFbblaDIKZjUviXkI=</ds:DigestValue>
</ds:Reference>
<ds:Reference Type="http://uri.etsi.org/01903#SignedProperties" URI="#SignedProperties-830342">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>M/coSDm1tqC4DKkbCyXUP82fB58=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#KeyInfo-830342">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>pInn5xZepngScAKAse0zZPuhyNU=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue Id="SignatureValue843847">
PTJj6kXgDNRwXKQvDH5xr+FF5+naKjAo3bl70Wwlc6MAU2EgMTaCnh7Ml7wvfKvNWbPvTL+5bXYH FlSuC3PsDn2SguQ1vvWm1xI6cZAKh0w4sMiQiS9UDjxIifyZZqNwcZ7uCX2c6K+S7xNQZzcPi5HW oQ+6Pq8vtSZODxN6b0Y=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyInfo-830342">
<ds:X509Data>
<ds:X509Certificate>
MIIDiTCCAnGgAwIBAgIBKjANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQGEwJFUzESMBAGA1UECBMJ QmFyY2Vsb25hMQ8wDQYDVQQKEwZpc2lnbWExFzAVBgNVBAMTDmlzaWdtYSByb290IENBMR8wHQYJ KoZIhvcNAQkBFhBpc2lnbWFAaXNpZ21hLmVzMB4XDTE0MDUzMDA4MjgxOFoXDTE5MDUyOTA4Mjgx OFowgZsxCzAJBgNVBAYTAkVTMRIwEAYDVQQIEwliYXJjZWxvbmExEjAQBgNVBAcTCUJhcmNlbG9u YTEPMA0GA1UEChMGaXNpZ21hMQswCQYDVQQLEwJpdDETMBEGA1UEAxMKRGVtb3MgdXNlcjESMBAG A1UEBRMJMTIzNDU2NzhaMR0wGwYJKoZIhvcNAQkBFg5pbmZvQGlzaWdtYS5lczCBnzANBgkqhkiG 9w0BAQEFAAOBjQAwgYkCgYEAl+AvFwUL16YdzlPT42EMEBhvWQP5Cmt4RXFMKTZ7TXes0y/jT/l1 VF3evNuGI+RZCweUGVqzRWA3z+tV3qbVXuRKtNfXjGvhtG8RTX2SYwqvjDGsnR0XS8Gd1kGUGbeL fOE8vF3q5O2OiN5FF0xMg/0uEw2fZ3P9zONVLsT/A6kCAwEAAaOBiTCBhjAJBgNVHRMEAjAAMAsG A1UdDwQEAwIHgDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUw HQYDVR0OBBYEFCc/oVSDFtH46U81hILH78cwLnR9MB8GA1UdIwQYMBaAFLIkRa3EwPkvEabba+7h fY4FDjr9MA0GCSqGSIb3DQEBBQUAA4IBAQB1TpQ66zJL+69iooqSQIryzLykWqcXeVeJOAWbGwbP x2P5LVboqXRxj5j9jmlTyqQLRoHLS5BaExq+P+2sPd/BOU2/QV9yrv7uAFkxyQjcMip8eqj1pc0X gqW+JoIkeeqa+UWj+fVQg/YqHsFNgkSoxCf4aPWC2x5X33SH6D8QkXQw4FJcRppfmr4ljsbPmuvV V1uk34I6PTb3gRlVIiTvUWtRaOLQ0lDlFa5bO5rd9nQV7UsK2e7ghXZpUtdW6OAYIuP3ASweOlE1 6z2DiMlYMGJ8Ci/vdcG1eEhVQoV0+z2s78ybJXelTiuxHvuJLPTNk5eoG5zAOAz8oFoQi+51
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<ds:Object Id="Signature20257-data545881">
<xades:QualifyingProperties xmlns:xades="http://uri.etsi.org/01903/v1.3.2#"Target="#Signature-830342">
<xades:SignedProperties Id="SignedProperties-830342">
<xades:SignedSignatureProperties>
<xades:SigningTime>2014-07-08T12:40:02+02:00</xades:SigningTime>
<xades:SigningCertificate>
<xades:Cert>
<xades:CertDigest>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>ivK7JSJgkt1YHLuXeUphxagMGcI=</ds:DigestValue>
</xades:CertDigest>
</xades:Cert>
</xades:SigningCertificate>
<xades:SignaturePolicyIdentifier>
<xades:SignaturePolicyId>
<xades:SigPolicyId>
<xades:Identifier>
http://www.facturae.es/politica_de_firma_formato_facturae/politica_de_firma_formato_facturae_v3_1.pdf
</xades:Identifier>
<xades:Description>facturae31</xades:Description>
</xades:SigPolicyId>
<xades:SigPolicyHash>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>Ohixl6upD6av8N7pEvDABhEL6hM=</ds:DigestValue>
</xades:SigPolicyHash>
</xades:SignaturePolicyId>
</xades:SignaturePolicyIdentifier>
<xades:SignerRole>
<xades:ClaimedRoles>
<xades:ClaimedRole>supplier</xades:ClaimedRole>
</xades:ClaimedRoles>
</xades:SignerRole>
</xades:SignedSignatureProperties>
<xades:SignedDataObjectProperties/>
</xades:SignedProperties>
<xades:UnsignedProperties/>
</xades:QualifyingProperties>
</ds:Object>
</ds:Signature>
</note>
我需要一個命名空間會在TAG簽名中而不是TAG對象
'XMLSignature簽名; signature.sign(signContext);'應該失敗,不應該吧 – mkl
@mkl我不明白你的意思。這不是現在沒有失敗。簽名方法涉及到文檔的散列,把引用放在...我需要在簽名過程中設置命名空間 – TimeStron
*我不明白你的意思* - 我的意思是說代碼爲在你的問題中存在一個未賦值變量的'sign'。因爲它沒有失敗,我假設你根本沒有提供簽名對象的賦值。 – mkl